Re: pointer for home networking

To: debian-user@lists.debian.org
Subject: Re: pointer for home networking
From: Joe <joe@jretrading.com>
Date: Wed, 28 Sep 2005 00:02:41 +0000
Message-id: <[🔎] dhcj2b$rlm$1$8300dec7@news.demon.co.uk>
In-reply-to: <4RuIO-7uQ-45@gated-at.bofh.it>
References: <[🔎] 33685.62.56.55.238.1127853828.squirrel@mail.rbgi.net> <[🔎] 200509272049.15694.linux-debian@shadypond.com> <[🔎] 33267.62.56.55.238.1127854435.squirrel@mail.rbgi.net>

michael wrote:


But, can we now take it as given I want to set up my PC as a router, and
thus I am looking for a 'simple how to' in order to do this. I would have
thought it was about 3 commands on each PC!


Ah, you've realised how Usenet works...

OK, look at it from an experienced Debian user's point of view:
what you want to do is fairly trivial, we've all done it, but we
don't remember exactly what we did, and don't want to compromise
our reputations by getting it wrong. I don't care.

Firstly, it is possible, and for us not too hard. You need to:

a) Have a Debian machine with two IP interfaces, one connected
to the Internet. People are quite rightly very sniffy about USB
modems, as they bring problems of their own. Routers are better,
for many reasons. Buy one when you can afford to.

b) Tell Linux to forward IP packets between the interfaces.
The metafile /proc/sys/net/ipv4/ip_forward must contain 1
to do this. An echo command is the traditional way to do this,
as the whole /proc filesystem is recreated at every boot.

c) Tell Linux not accept anything that tries to get in. There
are numerous firewall interface programs, but I don't think
there's any real alternative to studying the iptables syntax.
Debian does not as yet offer a means of control of iptables
as a daemon (which it isn't, but that's a convenient control
method), so usage of iptables is still a matter of sending a
series of commands which describe what is and what isn't allowed.
A script is a convenient way to do this. iptables is also extremely
useful as a network diagnostic tool, so reasonable familiarity with
it will help in many other areas.

d) Tell all the other machines on the network to use the Debian
machine's internal IP address as gateway. Preferably install a
DNS server (e.g. bind), and also tell the other machines to use
it as DNS server. Otherwise give all the other machines the IP
address(es) of your ISP's DNS servers as their DNS entries.

Use DHCP to get the information to your other machines if you want
to, but if you only have a few machines it's not usually worth
doing.

What you want to do is well documented, but like most others here
I have no idea what I read in order to do this. Basically, IP
forwarding, firewalling and setting the gateway and DNS in the
client machines are what you have to do. Look up several (different)
references with Google and you will get a feel for what is going on.

Reply to:

Follow-Ups:
- Re: pointer for home networking
  - From: "Roberto C. Sanchez" <roberto@familiasanchez.net>

References:
- Re: pointer for home networking
  - From: "michael" <linux@networkingnewsletter.org.uk>
- Re: pointer for home networking
  - From: Pollywog <linux-debian@shadypond.com>
- Re: pointer for home networking
  - From: "michael" <linux@networkingnewsletter.org.uk>

Prev by Date: Re: very slow usb 2.0
Next by Date: Re: More than 2, but less than 3 GiB per process memory?
Previous by thread: Re: pointer for home networking
Next by thread: Re: pointer for home networking
Index(es):
- Date
- Thread